Just another Instructional Web Sites site
Time to bring the Solaris workstations into our new infrastructure, to discover all the hidden Debian-specific parts in my Puppet manifests, and then fix them to be platform-neutral. First off, I need to be able to ensure a common base installation on my Solaris systems, and to have that base be as hands-off as possible. …
Continue reading “Solaris Jumpstart Installations In An All-Debian Environment”
I know I’m late to the game with this part of my setup, but nonetheless, I’m happy with the results. The short form of it is that Debian’s nagios-nrpe-server package lets my central Nagios server keep track of my clients’ disk space, load averages, etc. Granted, I already had most of that visible through Ganglia, …
Continue reading “Watching Remote System Status with Nagios and NRPE”
I’m mildly embarrassed by my previous setup authentication servers, but this one should be a vast improvement. A reminder of the existing constraints and conditions: Lots of Linux systems and a few Solaris systems, some of which dual-boot and aren’t accessible as *nix systems during normal hours of the day An Active Directory already in …
Continue reading “Authentication Servers, the Next Generation”
On to Puppet. I’ve not yet factored everything about the new server out into separate modules or classes; that’ll come later. But things that will either get reused on other systems (e.g., Active Directory ties) or things that need to be generated consistently and repeatedly (e.g., Amanda configurations) have been factored out. The new server’s …
Remember that no one cares if you can back up — only if you can restore. — Amanda 2.5.2 Documentation So we’ve got a new file server in the middle of initial installation and configuration. The file server is one of our most mission-critical systems — if mail goes down, a half-dozen people care. If …
(Original post here.) For the moment, I’m working on Debian GNU/Linux. Everything bought new (since sometime last fall) has the current stable release (4.0r0, or “etch”) installed, and everything older has the previous stable release (3.1r6, or “sarge”). Assuming that I keep apt sources for both the primary Debian archives and their security updates, the …
UPDATE: this page largely superceded by the stowedpackage puppet definition. Back in part 1, I outlined how I’m getting a consistent package load on my various hosts with pkgsync and puppet. This works great for things that are already included in Debian. And I’ll make .deb packages of some of our third-party commercial applications, too …
Continue reading “Client Application Management (Part 2, for stow packages)”
(Original infrastructures.org writeup here.) Wow, this part has been a learning experience. The things I’ve picked up out of this stage: aptitude is not apt-get. Obvious, yes. But how different they are was not apparent until this weekend. pkgsync is great, and does exactly what it claims, but read its claims very carefully, since it …
Continue reading “Client Application Management (Part 1, for .deb packages)”
Time synchronization makes lots of things work better, including: make Kerberos tar syslog We’ve got a central NTP server on campus, and I’m using that to sync from. Puppet handles ntp and ntpdate configuration on the managed systems. Components of that setup: ntp.pp and ntpdate.pp classes imported from puppet/classes Virtualization-detecting facter recipe (originally from here, …
In infrastructures.org terminology, the gold server is the one location that all clients check in with to see if they need to make any configuration changes. No changes needed? No changes made. No gold server available right now? No changes made, check back later. In theory, this should be a pretty simple server to provision. …